1.\"- 2.\" Copyright (c) 2000 Brian Somers <brian@Awfulhak.org> 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright 9.\" notice, this list of conditions and the following disclaimer. 10.\" 2. Redistributions in binary form must reproduce the above copyright 11.\" notice, this list of conditions and the following disclaimer in the 12.\" documentation and/or other materials provided with the distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24.\" SUCH DAMAGE. 25.\" 26.\" $FreeBSD$ 27.\" 28.Dd February 7, 2012 29.Dt PERIODIC.CONF 5 30.Os 31.Sh NAME 32.Nm periodic.conf 33.Nd periodic job configuration information 34.Sh DESCRIPTION 35The file 36.Nm 37contains a description of how daily, weekly and monthly system maintenance 38jobs should run. 39It resides in the 40.Pa /etc/defaults 41directory and parts may be overridden by a file of the same name in 42.Pa /etc , 43which itself may be overridden by the 44.Pa /etc/periodic.conf.local 45file. 46.Pp 47The 48.Nm 49file 50is actually sourced as a shell script from each of the periodic scripts 51and is intended to simply provide default configuration variables. 52.Pp 53The following variables are used by 54.Xr periodic 8 55itself: 56.Bl -tag -offset 4n -width 2n 57.It Va local_periodic 58.Pq Vt str 59List of directories to search for periodic scripts. 60This list is always prefixed with 61.Pa /etc/periodic , 62and is only used when an argument to 63.Xr periodic 8 64is not an absolute directory name. 65.It Ao Ar dir Ac Ns Va _output 66.Pq Vt path No or Vt list 67What to do with the output of the scripts executed from 68the directory 69.Ar dir . 70If this variable is set to an absolute path name, output is logged to 71that file, otherwise it is taken as one or more space separated email 72addresses and mailed to those users. 73If this variable is not set or is empty, output is sent to standard output. 74.Pp 75For an unattended machine, suitable values for 76.Va daily_output , 77.Va weekly_output , 78and 79.Va monthly_output 80might be 81.Dq Li /var/log/daily.log , 82.Dq Li /var/log/weekly.log , 83and 84.Dq Li /var/log/monthly.log 85respectively, as 86.Xr newsyslog 8 87will rotate these files (if they exists) at the appropriate times. 88.It Ao Ar dir Ac Ns Va _show_success 89.It Ao Ar dir Ac Ns Va _show_info 90.It Ao Ar dir Ac Ns Va _show_badconfig 91.Pq Vt bool 92These variables control whether 93.Xr periodic 8 94will mask the output of the executed scripts based on their return code 95(where 96.Ar dir 97is the base directory name in which each script resides). 98If the return code of a script is 99.Sq 0 100and 101.Ao Ar dir Ac Ns Va _show_success 102is set to 103.Dq Li NO , 104.Xr periodic 8 105will mask the script's output. 106If the return code of a script is 107.Sq 1 108and 109.Ao Ar dir Ac Ns Va _show_info 110is set to 111.Dq Li NO , 112.Xr periodic 8 113will mask the script's output. 114If the return code of a script is 115.Sq 2 116and 117.Ao Ar dir Ac Ns Va _show_badconfig 118is set to 119.Dq Li NO , 120.Xr periodic 8 121will mask the script's output. 122If these variables are set to neither 123.Dq Li YES 124nor 125.Dq Li NO , 126they default to 127.Dq Li YES , 128.Dq Li YES 129and 130.Dq Li NO 131respectively. 132.Pp 133Refer to the 134.Xr periodic 8 135manual page for how script return codes are interpreted. 136.El 137.Pp 138The following variables are used by the standard scripts that reside in 139.Pa /etc/periodic/daily : 140.Bl -tag -offset 4n -width 2n 141.It Va daily_clean_disks_enable 142.Pq Vt bool 143Set to 144.Dq Li YES 145if you want to remove all files matching 146.Va daily_clean_disks_files 147daily. 148.It Va daily_clean_disks_files 149.Pq Vt str 150Set to a list of file names to match. 151Wild cards are permitted. 152.It Va daily_clean_disks_days 153.Pq Vt num 154When 155.Va daily_clean_disks_enable 156is set to 157.Dq Li YES , 158this must also be set to the number of days old that a file's access 159and modification times must be before it is deleted. 160.It Va daily_clean_disks_verbose 161.Pq Vt bool 162Set to 163.Dq Li YES 164if you want the removed files to be reported in your daily output. 165.It Va daily_clean_tmps_enable 166.Pq Vt bool 167Set to 168.Dq Li YES 169if you want to clear temporary directories daily. 170.It Va daily_clean_tmps_dirs 171.Pq Vt str 172Set to the list of directories to clear if 173.Va daily_clean_tmps_enable 174is set to 175.Dq Li YES . 176.It Va daily_clean_tmps_days 177.Pq Vt num 178When 179.Va daily_clean_tmps_enable 180is set, this must also be set to the number of days old that a file's access 181and modification times must be before it is deleted. 182.It Va daily_clean_tmps_ignore 183.Pq Vt str 184Set to the list of files that should not be deleted when 185.Va daily_clean_tmps_enable 186is set to 187.Dq Li YES . 188Wild card characters are permitted. 189.It Va daily_clean_tmps_verbose 190.Pq Vt bool 191Set to 192.Dq Li YES 193if you want the removed files to be reported in your daily output. 194.It Va daily_clean_preserve_enable 195.Pq Vt bool 196Set to 197.Dq Li YES 198if you wish to remove old files from 199.Pa /var/preserve . 200.It Va daily_clean_preserve_days 201.Pq Vt num 202Set to the number of days that files must not have been modified before 203they are deleted. 204.It Va daily_clean_preserve_verbose 205.Pq Vt bool 206Set to 207.Dq Li YES 208if you want the removed files to be reported in your daily output. 209.It Va daily_clean_msgs_enable 210.Pq Vt bool 211Set to 212.Dq Li YES 213if you wish old system messages to be purged. 214.It Va daily_clean_msgs_days 215.Pq Vt num 216Set to the number of days that files must not have been modified before 217they are deleted. 218If this variable is left blank, the 219.Xr msgs 1 220default is used. 221.It Va daily_clean_rwho_enable 222.Pq Vt bool 223Set to 224.Dq Li YES 225if you wish old files in 226.Pa /var/who 227to be purged. 228.It Va daily_clean_rwho_days 229.Pq Vt num 230Set to the number of days that files must not have been modified before 231they are deleted. 232.It Va daily_clean_rwho_verbose 233.Pq Vt bool 234Set to 235.Dq Li YES 236if you want the removed files to be reported in your daily output. 237.It Va daily_clean_hoststat_enable 238.Pq Vt bool 239Set to 240.Dq Li YES 241to run 242.Nm sendmail Fl bH 243to automatically purge stale entries from 244.Xr sendmail 8 Ns 's 245host status cache. 246Files will be deleted using the same criteria as 247.Xr sendmail 8 248would normally use when determining whether to believe the cached information, 249as configured in 250.Pa /etc/mail/sendmail.cf . 251.It Va daily_backup_passwd_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255if you want the 256.Pa /etc/master.passwd 257and 258.Pa /etc/group 259files backed up and reported on. 260Reporting consists of checking both files for modifications and running 261.Xr chkgrp 8 262on the 263.Pa group 264file. 265.It Va daily_backup_aliases_enable 266.Pq Vt bool 267Set to 268.Dq Li YES 269if you want the 270.Pa /etc/mail/aliases 271file backed up and modifications to be displayed in your daily output. 272.It Va daily_calendar_enable 273.Pq Vt bool 274Set to 275.Dq Li YES 276if you want to run 277.Nm calendar Fl a 278daily. 279.It Va daily_accounting_enable 280.Pq Vt bool 281Set to 282.Dq Li YES 283if you want to rotate your daily accounting files. 284No rotations are necessary unless 285.Va accounting_enable 286is enabled in 287.Xr rc.conf 5 . 288.It Va daily_accounting_compress 289.Pq Vt bool 290Set to 291.Dq Li YES 292if you want your daily accounting files to be compressed using 293.Xr gzip 1 . 294.It Va daily_accounting_save 295.Pq Vt num 296When 297.Va daily_accounting_enable 298is set, this may also be set to the number of daily accounting files that are 299to be saved. 300The default is 301.Dq Li 3 . 302.It Va daily_accounting_flags 303.Pq Vt str 304Set to the arguments to pass to the 305.Xr sa 8 306utility (in addition to 307.Fl s ) 308when 309.Va daily_accounting_enable 310is set to 311.Dq Li YES . 312The default is 313.Fl q . 314.It Va daily_news_expire_enable 315.Pq Vt bool 316Set to 317.Dq Li YES 318if you want to run 319.Pa /etc/news.expire . 320.It Va daily_status_disks_enable 321.Pq Vt bool 322Set to 323.Dq Li YES 324if you want to run 325.Xr df 1 326(with the arguments supplied in 327.Va daily_status_disks_df_flags ) 328and 329.Nm dump Fl W . 330.It Va daily_status_disks_df_flags 331.Pq Vt str 332Set to the arguments for the 333.Xr df 1 334utility when 335.Va daily_status_disks_enable 336is set to 337.Dq Li YES . 338.It Va daily_status_zfs_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342if you want to run 343.Nm zpool Cm status 344on your 345.Xr zfs 8 346pools. 347.It Va daily_status_zfs_zpool_list_enable 348.Pq Vt bool 349Set to 350.Dq Li YES 351if you want to run 352.Nm zpool Cm list 353on your 354.Xr zfs 8 355pools. 356Requires 357.Va daily_status_zfs_enable 358to be set to 359.Li YES . 360.It Va daily_status_ata_raid_enable 361.Pq Vt bool 362Set to 363.Dq Li YES 364if you want to run 365.Nm atacontrol Cm status 366on your 367.Xr ataraid 4 368arrays. 369.It Va daily_status_gmirror_enable 370.Pq Vt bool 371Set to 372.Dq Li YES 373if you want to run 374.Nm gmirror Cm status 375on your 376.Xr gmirror 8 377devices. 378.It Va daily_status_graid3_enable 379.Pq Vt bool 380Set to 381.Dq Li YES 382if you want to run 383.Nm graid3 Cm status 384on your 385.Xr graid3 8 386devices. 387.It Va daily_status_gstripe_enable 388.Pq Vt bool 389Set to 390.Dq Li YES 391if you want to run 392.Nm gstripe Cm status 393on your 394.Xr gstripe 8 395devices. 396.It Va daily_status_gconcat_enable 397.Pq Vt bool 398Set to 399.Dq Li YES 400if you want to run 401.Nm gconcat Cm status 402on your 403.Xr gconcat 8 404devices. 405.It Va daily_status_network_enable 406.Pq Vt bool 407Set to 408.Dq Li YES 409if you want to run 410.Nm netstat Fl i . 411.It Va daily_status_network_usedns 412.Pq Vt bool 413Set to 414.Dq Li YES 415if you want to run 416.Xr netstat 1 417without the 418.Fl n 419option (to do DNS lookups). 420.It Va daily_status_rwho_enable 421.Pq Vt bool 422Set to 423.Dq Li YES 424if you want to run 425.Xr uptime 1 426(or 427.Xr ruptime 1 428if 429.Va rwhod_enable 430is set to 431.Dq Li YES 432in 433.Pa /etc/rc.conf ) . 434.It Va daily_status_mailq_enable 435.Pq Vt bool 436Set to 437.Dq Li YES 438if you want to run 439.Xr mailq 1 . 440.It Va daily_status_mailq_shorten 441.Pq Vt bool 442Set to 443.Dq Li YES 444if you want to shorten the 445.Xr mailq 1 446output when 447.Va daily_status_mailq_enable 448is set to 449.Dq Li YES . 450.It Va daily_status_include_submit_mailq 451.Pq Vt bool 452Set to 453.Dq Li YES 454if you also want to run 455.Xr mailq 1 456on the submit mail queue when 457.Va daily_status_mailq_enable 458is set to 459.Dq Li YES . 460This may not work with MTAs other than 461.Xr sendmail 8 . 462.It Va daily_status_security_enable 463.Pq Vt bool 464Set to 465.Dq Li YES 466if you want to run the security check. 467The security check is another set of 468.Xr periodic 8 469scripts. 470The system defaults are in 471.Pa /etc/periodic/security . 472Local scripts should be placed in 473.Pa /usr/local/etc/periodic/security . 474See the 475.Xr periodic 8 476manual page for more information. 477.It Va daily_status_security_inline 478.Pq Vt bool 479Set to 480.Dq Li YES 481if you want the security check output inline. 482The default is to either mail or log the output according to the value of 483.Va daily_status_security_output . 484.It Va daily_status_security_output 485.Pq Vt str 486Where to send the output of the security check if 487.Va daily_status_security_inline 488is set to 489.Dq Li NO . 490This variable behaves in the same way as the 491.Va *_output 492variables above, namely it can be set either to one or more email addresses 493or to an absolute file name. 494.It Va daily_status_security_diff_flags 495.Pq Vt str 496Set to the arguments to pass to the 497.Xr diff 1 498utility when generating differences. 499The default is 500.Fl b u . 501.It Va daily_status_security_chksetuid_enable 502.Pq Vt bool 503Set to 504.Dq Li YES 505to compare the modes and modification times of setuid executables with 506the previous day's values. 507.It Va daily_status_security_neggrpperm_enable 508.Pq Vt bool 509Set to 510.Dq Li YES 511to check for files where the group of a file has less permissions than 512the world at large. 513When users are in more than 14 supplemental groups these negative 514permissions may not be enforced via NFS shares. 515.It Va daily_status_security_chkmounts_enable 516.Pq Vt bool 517Set to 518.Dq Li YES 519to check for changes mounted file systems to the previous day's values. 520.It Va daily_status_security_noamd 521.Pq Vt bool 522Set to 523.Dq Li YES 524if you want to ignore 525.Xr amd 8 526mounts when comparing against yesterday's file system mounts in the 527.Va daily_status_security_chkmounts_enable 528check. 529.It Va daily_status_security_chkuid0_enable 530.Pq Vt bool 531Set to 532.Dq Li YES 533to check 534.Pa /etc/master.passwd 535for accounts with UID 0. 536.It Va daily_status_security_passwdless_enable 537.Pq Vt bool 538Set to 539.Dq Li YES 540to check 541.Pa /etc/master.passwd 542for accounts with empty passwords. 543.It Va daily_status_security_logincheck_enable 544.Pq Vt bool 545Set to 546.Dq Li YES 547to check 548.Pa /etc/login.conf 549ownership, see 550.Xr login.conf 5 551for more information. 552.It Va daily_status_security_ipfwdenied_enable 553.Pq Vt bool 554Set to 555.Dq Li YES 556to show log entries for packets denied by 557.Xr ipfw 8 558since yesterday's check. 559.It Va daily_status_security_ipfdenied_enable 560.Pq Vt bool 561Set to 562.Dq Li YES 563to show log entries for packets denied by 564.Xr ipf 8 565since yesterday's check. 566.It Va daily_status_security_pfdenied_enable 567.Pq Vt bool 568Set to 569.Dq Li YES 570to show log entries for packets denied by 571.Xr pf 4 572since yesterday's check. 573.It Va daily_status_security_ipfwlimit_enable 574.Pq Vt bool 575Set to 576.Dq Li YES 577to display 578.Xr ipfw 8 579rules that have reached their verbosity limit. 580.It Va daily_status_security_kernelmsg_enable 581.Pq Vt bool 582Set to 583.Dq Li YES 584to show new 585.Xr dmesg 8 586entries since yesterday's check. 587.It Va daily_status_security_loginfail_enable 588.Pq Vt bool 589Set to 590.Dq Li YES 591to display failed logins from 592.Pa /var/log/messages 593in the previous day. 594.It Va daily_status_security_tcpwrap_enable 595.Pq Vt bool 596Set to 597.Dq Li YES 598to display connections denied by tcpwrappers (see 599.Xr hosts_access 5 ) 600from 601.Pa /var/log/messages 602during the previous day. 603.It Va daily_status_mail_rejects_enable 604.Pq Vt bool 605Set to 606.Dq Li YES 607if you want to summarise mail rejections logged to 608.Pa /var/log/maillog 609for the previous day. 610.It Va daily_status_mail_rejects_logs 611.Pq Vt num 612Set to the number of maillog files that should be checked 613for yesterday's mail rejects. 614.It Va daily_status_named_enable 615.Pq Vt bool 616Set to 617.Dq Li YES 618if you want to summarise denied zone transfers (AXFR and IXFR) 619for the previous day. 620.It Va daily_status_named_usedns 621.Pq Vt bool 622Set to 623.Dq Li YES 624if you want to enable reverse DNS lookups. 625.It Va daily_status_ntpd 626.Pq Vt bool 627Set to 628.Dq Li YES 629if you want to enable NTP status check. 630.It Va daily_queuerun_enable 631.Pq Vt bool 632Set to 633.Dq Li YES 634if you want to manually run the mail queue at least once a day. 635.It Va daily_submit_queuerun 636.Pq Vt bool 637Set to 638.Dq Li YES 639if you also want to manually run the submit mail queue at least once a day 640when 641.Va daily_queuerun_enable 642is set to 643.Dq Li YES . 644.It Va daily_scrub_zfs_enable 645.Pq Vt bool 646Set to 647.Dq Li YES 648if you want to run a zfs scrub periodically. 649.It Va daily_scrub_zfs_pools 650.Pq Vt str 651A space separated list of names of zfs pools to scrub. 652If the list is empty or not set, all zfs pools are scrubbed. 653.It Va daily_scrub_zfs_default_threshold 654.Pq Vt int 655Number of days between a scrub if no pool-specific threshold is set. 656If not set, the default value is 35, corresponding to 5 weeks. 657.It Va daily_scrub_zfs_ Ns Ao Ar poolname Ac Ns Va _threshold 658.Pq Vt int 659The same as 660.Va daily_scrub_zfs_default_threshold 661but specific to the pool 662.Ao Ar poolname Ac Ns . 663.It Va daily_local 664.Pq Vt str 665Set to a list of extra scripts that should be run after all other 666daily scripts. 667All scripts must be absolute path names. 668.El 669.Pp 670The following variables are used by the standard scripts that reside in 671.Pa /etc/periodic/weekly : 672.Bl -tag -offset 4n -width 2n 673.It Va weekly_locate_enable 674.Pq Vt bool 675Set to 676.Dq Li YES 677if you want to run 678.Pa /usr/libexec/locate.updatedb . 679This script is run using 680.Nm nice Fl 5 681as user 682.Dq Li nobody , 683and generates the table used by the 684.Xr locate 1 685command. 686.It Va weekly_whatis_enable 687.Pq Vt bool 688Set to 689.Dq Li YES 690if you want to run 691.Pa /usr/libexec/makewhatis.local . 692This script regenerates the database used by the 693.Xr apropos 1 694command. 695.It Va weekly_catman_enable 696.Pq Vt bool 697Set to 698.Dq Li YES 699if you want to run 700.Pa /usr/libexec/catman.local . 701This script processes all out of date manual pages, speeding up the 702.Xr man 1 703command at the expense of disk space. 704.It Va weekly_noid_enable 705.Pq Vt bool 706Set to 707.Dq Li YES 708if you want to locate orphaned files on the system. 709An orphaned file is one with an invalid owner or group. 710.It Va weekly_noid_dirs 711.Pq Vt str 712A list of directories under which orphaned files are searched for. 713This would usually be set to 714.Pa / . 715.It Va weekly_status_pkg_enable 716.Pq Vt bool 717Set to 718.Dq Li YES 719if you want to use 720.Xr pkg_version 1 721to list installed packages which are out of date. 722.It Va pkg_version 723.Pq Vt str 724When 725.Va weekly_status_pkg_enable 726is set to 727.Dq Li YES , 728this variable specifies the program that is used to determine the out of 729date packages. 730If unset, the 731.Xr pkg_version 1 732program is used. 733As an example, this variable might be set to 734.Dq Li portversion 735if the 736.Pa ports/sysutils/portupgrade 737port has been installed. 738.It Va pkg_version_index 739.Pq Vt str 740This variable specifies the 741.Pa INDEX 742file from 743.Pa /usr/ports 744that should be used by 745.Xr pkg_version 1 . 746Because the dependency tree may be substantially different between versions of 747.Fx , 748there may be more than one 749.Pa INDEX 750file in 751.Pa /usr/ports . 752.Pp 753Note, if the 754.Va pkg_version 755variable is set to 756.Dq Li portversion , 757it will also be necessary to arrange that the correct 758.Pa INDEX 759file is specified 760using environment variables and that 761.Va pkg_version_index 762is cleared in 763.Pa /etc/periodic.conf 764.Pq Dq Li pkg_version_index= . 765.It Va weekly_local 766.Pq Vt str 767Set to a list of extra scripts that should be run after all other 768weekly scripts. 769All scripts must be absolute path names. 770.El 771.Pp 772The following variables are used by the standard scripts that reside in 773.Pa /etc/periodic/monthly : 774.Bl -tag -offset 4n -width 2n 775.It Va monthly_accounting_enable 776.Pq Vt bool 777Set to 778.Dq Li YES 779if you want to do login accounting using the 780.Xr ac 8 781command. 782.It Va monthly_local 783.Pq Vt str 784Set to a list of extra scripts that should be run after all other 785monthly scripts. 786All scripts must be absolute path names. 787.El 788.Sh FILES 789.Bl -tag -width ".Pa /etc/defaults/periodic.conf" 790.It Pa /etc/defaults/periodic.conf 791The default configuration file. 792This file contains all default variables and values. 793.It Pa /etc/periodic.conf 794The usual system specific variable override file. 795.It Pa /etc/periodic.conf.local 796An additional override file, useful when 797.Pa /etc/periodic.conf 798is shared or distributed. 799.El 800.Sh SEE ALSO 801.Xr apropos 1 , 802.Xr calendar 1 , 803.Xr df 1 , 804.Xr diff 1 , 805.Xr gzip 1 , 806.Xr locate 1 , 807.Xr man 1 , 808.Xr msgs 1 , 809.Xr netstat 1 , 810.Xr nice 1 , 811.Xr pkg_version 1 , 812.Xr login.conf 5 , 813.Xr rc.conf 5 , 814.Xr ac 8 , 815.Xr chkgrp 8 , 816.Xr dump 8 , 817.Xr newsyslog 8 , 818.Xr periodic 8 , 819.Xr sendmail 8 820.Sh HISTORY 821The 822.Nm 823file appeared in 824.Fx 4.1 . 825.Sh AUTHORS 826.An Brian Somers Aq brian@Awfulhak.org 827